Campcodes School Fees Payment Management System ajax.php sql injection

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability has been found in Campcodes School Fees Payment Management System 1.0. The impacted element is an unknown function of the file /ajax.php?action=save_payment. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Basic Information

ID CVE-2025-13269

Source VulDB

Published Nov 17, 2025 at 07:32

Affected Product

Vendor Campcodes

Product School Fees Payment Management System

Version 1.0

Affected Versions Campcodes School Fees Payment Management System 1.0

CWE Classification

CWE-89 CWE-74

References

{
    "lastseen": "",
    "description": "A vulnerability has been found in Campcodes School Fees Payment Management System 1.0. The impacted element is an unknown function of the file /ajax.php?action=save_payment. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.",
    "published": "2025-11-17T07:32:06.275Z",
    "modified": "2025-11-17T07:32:06.275Z",
    "type": "cve",
    "title": "Campcodes School Fees Payment Management System ajax.php sql injection",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.332604\nhttps://vuldb.com/?ctiid.332604\nhttps://vuldb.com/?submit.690034\nhttps://github.com/ASantsSec/CVE/issues/17\nhttps://www.campcodes.com/",
    "id": "CVE-2025-13269",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "Campcodes School Fees Payment Management System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "School Fees Payment Management System",
    "version": "1.0",
    "vendor": "Campcodes",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Campcodes School Fees Payment Management System ajax.php sql injection_CVE-2025-13269